2 files changed, 30 insertions, 0 deletions

diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index b19b962e6..81f480a3d 100644
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -818,6 +818,23 @@ traffic_selector_t *traffic_selector_create_from_string(
 /*
  * see header
  */
+traffic_selector_t *traffic_selector_create_from_cidr(char *string,
+									u_int8_t protocol, u_int16_t port)
+{
+	host_t *net;
+	int bits;
+
+	net = host_create_from_subnet(string, &bits);
+	if (net)
+	{
+		return traffic_selector_create_from_subnet(net, bits, protocol, port);
+	}
+	return NULL;
+}
+
+/*
+ * see header
+ */
 traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
 									u_int16_t from_port, u_int16_t to_port)
 {
diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h
index 7a81521e9..39b8879fd 100644
--- a/src/libstrongswan/selectors/traffic_selector.h
+++ b/src/libstrongswan/selectors/traffic_selector.h
@@ -231,6 +231,19 @@ traffic_selector_t *traffic_selector_create_from_string(
 									char *from_addr, u_int16_t from_port,
 									char *to_addr, u_int16_t to_port);
 
+
+
+/**
+ * Create a traffic selector from a CIDR string.
+ *
+ * @param string		CIDR string, such as 10.1.0.0/16
+ * @param protocol		protocol for this ts, such as TCP or UDP
+ * @param port			single port for this TS, 0 for any port
+ * @return				traffic selector, NULL if string invalid
+ */
+traffic_selector_t *traffic_selector_create_from_cidr(char *string,
+									u_int8_t protocol, u_int16_t port);
+
 /**
  * Create a new traffic selector using data read from the net.
  *